US11070380B2 - Authentication apparatus based on public key cryptosystem, mobile device having the same and authentication method - Google Patents
Authentication apparatus based on public key cryptosystem, mobile device having the same and authentication method Download PDFInfo
- Publication number
- US11070380B2 US11070380B2 US15/212,343 US201615212343A US11070380B2 US 11070380 B2 US11070380 B2 US 11070380B2 US 201615212343 A US201615212343 A US 201615212343A US 11070380 B2 US11070380 B2 US 11070380B2
- Authority
- US
- United States
- Prior art keywords
- authentication
- opponent
- certificate
- response
- challenge
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active, expires
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Definitions
- the disclosure described herein relates to an authentication apparatus based on a public key cryptosystem, a mobile device having the same, and an authentication method thereof.
- An internet of things means a technology that allows a variety of things including a sensor and a communication function to connect to an internet.
- the things are various embedded systems such as a home appliance, a mobile device, a wearable device, and the like.
- various devices connect to a network for communication and data sharing, and thus the devices provide a service for a user.
- sensitive data associated with privacy of a user is transmitted through a network and is used at a service.
- an authentication apparatus identifies another participant of a communication, thereby making it possible to protect privacy through an interaction with an authenticated participant and to provide a service which a user wants.
- an authentication target is expanded, and thus there is required an authentication between components in a device.
- a device is not a device in an IoT environment, when a function of a component among components is provided without an authentication, privacy is infringed due to an attack about sensitive data of a user.
- a fake product is manufactured through the reusing or unauthorized use of a specific component.
- a function of a genuine product certification is performed by identifying an opponent (e.g., component).
- a secure service is provided by protecting privacy of a user. Accordingly, there is required a lightweight authentication apparatus which is applied at a device level as well as a component level.
- Embodiments of the disclosure provide a lightened authentication apparatus, a mobile device having the same, and an authentication method thereof.
- an authentication apparatus included in a device supporting a network communication may include a certificate handler configured to receive a certificate of an opponent and to parse or verify the certificate of the opponent.
- Cryptographic primitives receive an authentication request of the opponent to generate a random number in response to the authentication request, generate a challenge corresponding to the random number, and verify a response of the opponent corresponding to the challenge.
- a shared memory stores the parsed certificate, the random number, the challenge, and the response.
- An authentication controller controls the certificate handler, the cryptographic primitives, and the shared memory through a register setting according to an authentication protocol.
- a mobile device may include a first component and a second component. At least one of the first or second components comprises an authentication apparatus.
- the authentication apparatus may include an authentication handler configured to receive, parse or verify a certificate of an opponent.
- Cryptographic primitives generate a random number, generate a challenge corresponding to the random number, verify a response of the opponent corresponding to the challenge, or generate a response of the authentication apparatus in response to a challenge of the opponent.
- a shared memory stores the parsed certificate, the random number, the challenge, and the response.
- An authentication controller controls the certificate handler, the cryptographic primitives, and the shared memory through a register setting according to an authentication protocol, when the mobile device transmits an authentication request to the opponent or the opponent transmits an authentication request to the mobile device.
- an authentication method of an authentication apparatus may include receiving an authentication request from an opponent; setting a first register indicating the authentication request to be readable and writable; generating a first challenge in response to the authentication request; setting a second register storing the first challenge to be readable and writable; receiving a response corresponding to the first challenge and a first certificate from the opponent; and setting registers for storing the first certificate, a value for verifying the first certificate, information data, and the first response to be readable and writable.
- the method further includes verifying the first certificate and the first response and setting registers for storing an intermediate value or a result value, which is obtained in the verifying of the first certificate and the first response, to be readable and writable.
- an authentication apparatus may receive an authentication request of an opponent, verify a response of the opponent in response to the authentication request, and may generate a response of the authentication apparatus corresponding to a challenge of the opponent.
- an authentication apparatus includes a hash primitive that generates a challenge in response to an authentication request received from an opponent.
- a memory device stores the challenge.
- a control circuit receives the challenge from the memory device and transmits the challenge to the opponent.
- a certificate handler stores a certificate, received from the opponent in response to the challenge, in the memory device.
- the control circuit further stores a response, received from the opponent in response to the challenge, in the memory device.
- a public key accelerator primitive receives the response and certificate from the memory device and verifies the received response and certificate.
- FIG. 1 is a schematic diagram illustrating a network system for performing an authentication method of devices, each of which includes an authentication apparatus according to an embodiment of the disclosure;
- FIG. 2 is a block diagram illustrating an authentication apparatus according to an embodiment of the disclosure
- FIG. 3 is a block diagram illustrating an authentication controller illustrated in FIG. 2 ;
- FIG. 4 is a block diagram illustrating cryptographic primitives illustrated in FIG. 2 ;
- FIG. 5 is a block diagram illustrating data areas to be included in a shared memory when an authentication apparatus according to an embodiment of the disclosure performs an authentication protocol
- FIG. 6 is a block diagram for describing the reuse of input/output values, which are stored in a shared memory, of each of components in at least one of the components when an authentication apparatus according to an embodiment of the disclosure performs an authentication protocol;
- FIG. 7 is a state machine diagram for describing a procedure of performing a unilateral authentication protocol of an authentication apparatus according to an embodiment of the disclosure
- FIG. 8 is a table for describing management of internal information rights when an authentication apparatus according to an embodiment of the disclosure performs a unilateral authentication protocol
- FIG. 9 is a ladder diagram for conceptually describing a unilateral authentication protocol of an authentication apparatus according to an embodiment of the disclosure.
- FIG. 10 is a block diagram for describing a procedure of receiving an authentication request when an authentication apparatus according to an embodiment of the disclosure performs a unilateral authentication protocol
- FIG. 11 is a block diagram for describing a procedure of generating a challenge corresponding to an authentication request when an authentication apparatus according to an embodiment of the disclosure performs a unilateral authentication protocol;
- FIG. 12 is a block diagram for describing a procedure of receiving a public key certificate and a response of an opponent when an authentication apparatus according to an embodiment of the disclosure performs a unilateral authentication protocol;
- FIG. 13 is a block diagram for describing a procedure of verifying a public key certificate and a response of an opponent when an authentication apparatus according to an embodiment of the disclosure performs a unilateral authentication protocol;
- FIG. 14 is a state machine diagram for describing a procedure of performing a mutual authentication protocol of an authentication apparatus according to an embodiment of the disclosure
- FIG. 15 is a table for describing management of internal information rights when an authentication apparatus according to an embodiment of the disclosure performs a mutual authentication protocol
- FIG. 16 is a ladder diagram for conceptually describing a mutual authentication protocol of an authentication apparatus according to an embodiment of the disclosure.
- FIG. 17 is a block diagram for describing a procedure of transmitting a public key and a challenge of the authentication apparatus to an opponent when an authentication apparatus according to an embodiment of the disclosure performs a mutual authentication protocol;
- FIG. 18 is a block diagram for describing a procedure of receiving a public key certificate, a response, and a challenge of an opponent when an authentication apparatus according to an embodiment of the disclosure performs a mutual authentication protocol;
- FIG. 19 is a block diagram for describing a procedure of generating a response of the authentication apparatus in response to a challenge to an opponent when an authentication apparatus according to an embodiment of the disclosure performs a mutual authentication protocol;
- FIG. 20 is a block diagram for describing a procedure of generating a shared secret key when an authentication apparatus according to an embodiment of the disclosure performs a mutual authentication protocol
- FIG. 21 is a block diagram illustrating a mobile device according to an embodiment of the disclosure.
- FIG. 22 is a schematic diagram illustrating an IoT network system according to an embodiment of the disclosure.
- An authentication apparatus based on a public key cryptosystem may make it possible to reduce a size of a conventional memory, which each of multiple components independently uses, by sharing a memory and make it possible to eliminate a central processing unit (CPU) or a nonvolatile memory (NVM) by including a dedicated module which performs an authentication protocol. Accordingly, an authentication apparatus may be lightened.
- CPU central processing unit
- NVM nonvolatile memory
- the authentication apparatus may need cryptographic hardware which performs a function, which is necessary to provide a service based on a public key cryptosystem, at high speed.
- the public key cryptosystem includes a scheme or a protocol including operations of an integer which are based on a cryptographic hard problem requiring a high throughput.
- the operations of an integer may include a modular addition, a modular subtraction, a modular multiplication, and a modular exponentiation.
- the operations of an integer may include a point addition, a point doubling, a scalar multiplication, and a message digest which are on an elliptic curve.
- the authentication apparatus may be implemented by combining an executor of an integer operation and a hash executor for the message digest.
- each of the components may have a resource overlapped with each other.
- each of the components may separately need a separate memory (e.g., a static random access memory (SRAM)) to perform a unique function.
- SRAM static random access memory
- the memory may be used as a shared memory for optimization and light-weight of an authentication apparatus.
- a chip size of each of the components may be minimized by storing an internal variable of each of the components in a shared memory.
- an authentication function of a product such as a flip-cover of a smartphone, a battery, or a power cable may be implemented so as to perform authentication after a service is provided or while a service is provided. When the authentication fails, a corresponding service may be immediately interrupted.
- the authentication apparatus may not include an independent central processing unit (CPU) for performing authentication based on a public key cryptosystem and a nonvolatile memory (NVM) which stores software (SW) for performing authentication.
- an internal component of the authentication apparatus may continuously access a shared memory and may operate. Components which independently operate may share a memory with each other and may use the shared memory. At this time, the components may share data, which the components need, through the shared memory.
- FIG. 1 is a schematic diagram illustrating a network system for authenticating devices A and B each of which includes an authentication apparatus, according to an embodiment of the disclosure.
- a network system 10 may include a network 11 for a wireless/wired connection among devices A, B, and C.
- the network 11 may be an internet of things (IoT) network.
- IoT internet of things
- FIG. 1 for descriptive convenience, an embodiment of the disclosure is exemplified as three devices A, B, and C connected to the network 11 .
- the scope and spirit of the disclosure may not be limited thereto.
- the number of devices connecting to the network 11 may be four or more.
- the first device A may include a corresponding authentication apparatus 100
- the second device B may include a corresponding authentication apparatus 200
- the third device C may not include an authentication apparatus.
- an authentication method which is performed by the network system 10 for each device may be roughly classified into two manners. That is, there may be a mutual authentication between the device A including the authentication apparatus 100 and the device B including the authentication apparatus 200 and a unilateral authentication between the device A including the authentication apparatus 100 and the device B including the authentication apparatus 200 and between a device A or B including an authentication device 100 or 200 and the device C not including an authentication apparatus.
- the first device A may be a flip cover encompassing a smartphone
- the second device B may be a smartphone
- the third device C may be a device not including an authentication apparatus.
- an authentication apparatus may be used to perform an internal authentication between first and second components 201 and 202 .
- the internal authentication may include a mutual authentication or a unilateral authentication, just as with the external authentication.
- the first component 201 may be a display driver integrated chip (DDI) device
- the second component 202 may be a display device.
- An embodiment of the disclosure is exemplified in which a component 201 of the device B includes one authentication apparatus 200 , in FIG. 1 .
- another component 202 of the device B may include an authentication apparatus.
- a configuration of the authentication apparatus 100 in the first device A may be similar to a configuration of the authentication apparatus 200 in the second device B.
- FIG. 1 the network system 10 illustrated in FIG. 1 is exemplified. However, the scope and spirit of the disclosure may not be limited thereto.
- FIG. 2 is a block diagram illustrating an authentication apparatus 100 according to an embodiment of the disclosure.
- an authentication apparatus 100 may include a plurality of components 110 , 120 , 130 , and 140 .
- the authentication apparatus 100 may include an authentication controller 110 , a certificate handler 120 , cryptographic primitives 130 , and a shared memory 140 .
- the authentication controller 110 may be implemented so as to perform an authentication protocol based on a public key cryptosystem.
- the authentication protocol may be an external authentication protocol for communicating with an external device or an internal authentication protocol for communicating with an internal component.
- the authentication controller 110 may directly execute an authentication protocol through a communication with an opponent. For example, to perform an operation which is required when the authentication protocol is performed, the authentication controller 110 may repeatedly call out the components 120 and 130 each of which performs a unit operation. Moreover, the authentication controller 110 may sequentially adjust an operating point in time of each of the components 120 and 130 , and thus the components 110 , 120 , and 130 may share the shared memory 140 .
- the authentication controller 110 may control the certificate handler 120 , the cryptographic primitives 130 , and a shared memory 140 to allow other components to use a value which is inputted to one component or outputted from one component through the shared memory 140 .
- the authentication controller 110 may control the certificate handler 120 , the cryptographic primitives 130 , and the shared memory 140 which are for the authentication protocol.
- the certificate handler 120 may be implemented to manage a public key certificate.
- the certificate handler 120 may generate, parse, and verify the public key certificate.
- the certificate handler 120 may parse the public key certificate inputted from the opponent and may store the parsed public key certificate in the shared memory 140 .
- the certificate handler 120 may receive a public key certificate of the opponent and may verify whether the public key certificate of the opponent is valid, using a root certificate of a certificate authority (CA).
- CA certificate authority
- the certificate handler 120 may be implemented so as to frequently and continuously access the shared memory 140 . That is, the certificate handler 120 may be implemented so as to store internal variables for generating or verifying a public key certificate in the shared memory 140 .
- the cryptographic primitives 130 may be implemented so as to perform a public key encryption operation, to perform a hash operation, or to generate a random number.
- the cryptographic primitives 130 may generate a challenge in response to an authentication request of the opponent.
- the challenge may be obtained by inputting a random number to a hash algorithm.
- the cryptographic primitives 130 may verify a response generated from the opponent in response to the challenge of the authentication apparatus 100 .
- the response inputted from the opponent may be a signature value obtained by certifying the challenge of the authentication apparatus 100 using a private key of the opponent.
- the cryptographic primitives 130 may verify the response (or the signature value) of the opponent by decoding the challenge using the response of the opponent and a public key certificate of the opponent.
- the cryptographic primitives 130 may generate a response (or a signature value) of an authentication apparatus which corresponds to a challenge generated by the opponent.
- the cryptographic primitives 130 may generate a shared secret using a random number which is generated when an authentication protocol is performed.
- the cryptographic primitives 130 may be implemented so as to frequently and continuously access the shared memory 140 . That is, the cryptographic primitives 130 may be implemented so as to store internal variables for an encryption operation, a hash operation, or generation of a random number in the shared memory 140 .
- the shared memory 140 may be implemented so as to store: (1) data for at least one operation of the authentication controller 110 , the certificate handler 120 and the cryptographic primitives 130 , (2) data generated during an operation, or (3) data according to a result of an operation.
- the shared memory 140 may be implemented with a volatile memory, a nonvolatile memory, or a hybrid memory which is composed of a volatile memory and a nonvolatile memory.
- the shared memory 140 may be a dynamic random access memory (DRAM), a static random access memory (SRAM), an embedded multimedia card (eMMC), or the like.
- An input/output control operation of the shared memory 140 may be performed under control of the authentication controller 120 . That is, the authentication controller 120 may include a memory controller for controlling the shared memory 140 .
- the components 110 , 120 , 130 , and 140 of the authentication apparatus 100 may be implemented so as to connect to each other through data lines 101 , 102 , 103 , 104 , and 105 .
- Each of the data lines 101 , 102 , 103 , 104 , and 105 may be used as an input/output line for transmitting internal data generated when an authentication protocol is performed.
- the components 110 , 120 , and 130 of the authentication apparatus 100 may share the shared memory 140 . For this reason, input/output values of any one of the components 110 , 120 , and 130 may be shared by the remaining components. That is, the authentication apparatus 100 according to an embodiment of the disclosure may make it possible to reduce a size of a conventional memory which each of components independently uses, and thus the authentication apparatus 100 may be lightened.
- the authentication apparatus 100 may include the component 110 dedicated for an authentication protocol, thereby making it possible to eliminate a central processing unit (CPU), which drives software for performing an authentication protocol, or a nonvolatile memory (NVM). That is, the authentication apparatus 100 may be lightened.
- the authentication apparatus 100 because there is no need to store software for performing an authentication protocol, the authentication apparatus 100 according to an embodiment of the disclosure may make it possible to exclude the possibility that an error of authentication apparatus 100 occurs due to tampering with the software.
- the authentication apparatus 100 may perform an authentication protocol based on a public key cryptosystem by only using the authentication controller 110 for performing an authentication protocol and the certificate handler 120 for processing a public key certificate.
- the authentication apparatus 100 may be applied to various devices and components, and thus the authentication apparatus 100 may provide a variety of authentication functions in various environments of the devices.
- the authentication protocol which the authentication apparatus 100 according to an embodiment of the disclosure supports based on a public key cryptosystem, may be a unilateral authentication and a mutual authentication.
- a result of an operation of the authentication apparatus 100 may be a result value of an identification of the opponent.
- a result of an operation of the authentication apparatus 100 may be a result value of an identification of the opponent and a secret value which is used when a session key for a secret communication is generated after the result is generated.
- the secret value may be shared by the authentication apparatus 100 and the opponent.
- the authentication apparatus 100 illustrated in FIG. 2 is exemplified. However, the scope and spirit of the disclosure may not be limited thereto.
- FIG. 3 is a block diagram illustrating an authentication controller 110 illustrated in FIG. 2 .
- the authentication controller 110 may include registers 112 and a one-time programmable memory 114 .
- the registers 112 may include a first register 112 - 1 which stores an execution value indicating that the authentication apparatus 100 begins an authentication protocol process, a second register 112 - 2 which stores a preparation value set when an authentication request is received, and a third register 112 - 3 which stores an authentication result value.
- the first register 112 - 1 When the first register 112 - 1 is set, the authentication apparatus 100 may begin an authentication protocol operation.
- the second register 112 - 2 may be set.
- the third register 112 - 3 may be set.
- the one-time programmable memory 114 may be implemented so as to store a certificate 114 - 1 for the authentication apparatus 100 .
- the certificate 114 - 1 may include a public key 114 - 2 and a secret key 114 - 3 of the authentication apparatus 100 which are required to perform an authentication protocol based on a public key cryptosystem.
- the one-time programmable memory 114 may be implemented so as to include a counter measure for protecting the secret key 114 - 3 .
- the authentication controller 110 illustrated in FIG. 3 is exemplified. However, the scope and spirit of the disclosure may not be limited thereto.
- FIG. 4 is a block diagram illustrating cryptographic primitives 130 illustrated in FIG. 2 .
- the cryptographic primitives 130 may include a public key accelerator 131 , a hash function 132 , and a random number generator 133 .
- the public key accelerator 131 may be implemented so as to perform a modular operation or a point operation used for an authentication protocol.
- the public key accelerator 131 may connect to the authentication controller 110 through a data line 103 - 1 .
- the public key accelerator 131 may connect to the shared memory 140 through a data line 104 - 1 .
- the hash function 132 may be implemented so as to perform a hash algorithm.
- the hash function 132 may connect to the authentication controller 110 through a data line 103 - 2 .
- the hash function 132 may connect to the shared memory 140 through a data line 104 - 2 .
- the random number generator 133 may be implemented so as to generate a random number.
- the random number generator 133 may connect to the authentication controller 110 through a data line 103 - 3 .
- the random number generator 133 may connect to the shared memory 140 through a data line 104 - 3 .
- the data lines 103 - 1 , 103 - 2 , and 103 - 3 may be included in the data line 103 illustrated in FIG. 2
- the data lines 104 - 1 , 104 - 2 , and 104 - 3 may be included in the data line 104 illustrated in FIG. 2 .
- FIG. 5 is a block diagram illustrating data areas to be included in a shared memory 140 when an authentication apparatus 100 according to an embodiment of the disclosure performs an authentication protocol.
- the shared memory 140 may include a first area 141 which stores a challenge of the authentication apparatus 100 generated by the authentication controller 110 when an authentication protocol is performed, a second area 142 which stores a response generated by an opponent in response to the challenge of the authentication apparatus 100 , a third area 143 which stores a parsed certificate from the opponent, a fourth area 144 which stores a challenge transmitted from the opponent, a fifth area 145 which stores a response generated by the an authentication apparatus 100 in response to the challenge of the opponent, a sixth area 146 which stores an intermediate value for an authentication protocol, and a seventh area 147 which stores a hashed value which is a result value of a hash function.
- the third area 143 may include an area 143 - 1 which stores a public key of the opponent, an area 143 - 2 which stores a value for signature verification, and an area 143 - 3 which stores information data for performing other authentication protocols.
- FIG. 6 is a block diagram for describing the reuse of input/output values, which are stored in the shared memory 140 , of each of components 110 , 120 , and 130 in at least one of components 110 , 120 , and 130 when an authentication apparatus 100 according to an embodiment of the disclosure performs an authentication protocol.
- Input/output values of components 110 , 120 , and 130 may be stored, as described below.
- Input/output values of the public key accelerator 131 may be stored in the sixth area 146 of the shared memory 140 through the data line 104 - 1 .
- Input/output values of the hash function 132 may be stored in the seventh area 147 of the shared memory 140 through the data line 104 - 2 .
- Input/output values of the random number generator 133 may be stored in the first area 141 of the shared memory 140 through the data line 104 - 3 .
- Input/output values of the certificate handler 120 may be stored in the third area 143 of the shared memory 140 through the data line 102 .
- values stored in the shared memory 140 which are outputted from one component may be reused at another component, as described below.
- a challenge value stored in the first area 141 may be reused at the hash function 132 through the data line 104 - 5 , and the reused result value may be stored in the seventh area 147 .
- a hashed value stored in the seventh area 147 may be reused at the public key accelerator 131 through the data line 104 - 6 , and the reused result value may be stored in the sixth area 146 .
- the parsed certificate of the third area 143 may be reused at the public key accelerator 131 through the data line 104 - 7 , and the reused result value may be stored in the sixth area 146 .
- the parsed certificate of the third area 143 may be reused at the hash function 132 through the data line 104 - 8 , and the reused result value may be stored in the seventh area 147 .
- each of the components 110 , 120 , and 130 of the authentication apparatus 100 may frequently and repeatedly access the shared memory 140 and may generate an output value.
- FIG. 7 is a state machine diagram for describing a procedure of performing a unilateral authentication protocol of an authentication apparatus according to an embodiment of the disclosure. Referring to FIGS. 1 to 7 , a unilateral authentication protocol of the authentication apparatus 100 may be performed as described below.
- the authentication apparatus 100 may transition to an initial state S 110 . Moreover, a state of the authentication apparatus 100 may be transitioned from an end state S 160 to the initial state S 110 by an initialization operation. Moreover, the state of the authentication apparatus 100 may be transitioned from a fail state S 170 to the initial state S 110 by a reset operation.
- a state of the authentication apparatus 100 may be transitioned from the initial state S 110 to a wait state S 120 .
- the authentication apparatus 100 may wait for an authentication request from an opponent which is a target of an authentication protocol at the wait state S 120 .
- the state of the authentication apparatus 100 may be transitioned to a challenge generation state S 130 .
- a challenge value may be generated from the random number generator 133 of the cryptographic primitives 130 (refer to FIG. 4 ).
- the generated challenge value may be transmitted to an external device (i.e., the opponent) which is placed outside the authentication apparatus 100 .
- the state of the authentication apparatus 100 may be transitioned to a public key & response input state S 140 ; otherwise, the state of the authentication apparatus 100 may be transitioned to the fail state S 170 upon a failure of the challenge value generation S 132 .
- the public key & response input state S 140 a public key of the opponent, which wants to confirm an authorization, and a response corresponding to the challenge of the authentication apparatus 100 may be transmitted to the authentication apparatus 100 .
- the state of the authentication apparatus 100 may be transitioned to a public key & response verification state S 150 ; otherwise, the state of the authentication apparatus 100 may be transitioned to the fail state S 170 upon a failure to receive the public key and/or response S 142 .
- the public key & response verification state S 150 verification may be performed with respect to the public key of the opponent.
- the verification result indicates that the public key is a valid public key, the verification may be performed with respect to the response.
- the state of the authentication apparatus 100 may be transitioned to the end state S 160 .
- the state of the authentication apparatus 100 may be transitioned to the fail state S 170 .
- the authentication apparatus 100 may differently set a read/write right about values which are generated while the unilateral authentication protocol is performed at each operation step or values for performing the unilateral authentication protocol. That is, the values may be modified by an action of an attacker, and thus an influence due to the action affecting the authentication result may be blocked.
- the authentication controller 110 illustrated in FIG. 3 may adjust an access right about values which are stored in the registers 112 (refer to FIG. 3 ) according to an operating step of the authentication apparatus 100 , or values which are stored in the one-time programmable memory 114 (refer to FIG. 3 ).
- FIG. 8 is a table for describing management of internal information rights when an authentication apparatus according to an embodiment of the disclosure performs a unilateral authentication protocol.
- an execution value may be readable and writable.
- the execution value may be readable, and a request preparation value may be readable and writable.
- the execution value and the request preparation value may be readable, and a challenge value of the authentication apparatus 100 may be readable and writable.
- the public key & response input state S 140 the execution value and the request preparation value may be readable, and a public key value of an opponent, a certificate verification value, information data, and a challenge response value of the opponent may be readable and writable.
- the execution value, the request preparation value, a challenge value of an authentication apparatus 100 , a public key value of the opponent, the certificate verification value, the information data, and the challenge response value of the opponent may be readable, and an intermediate value, a hashed value, and an authentication result value for an authentication protocol may be readable and writable.
- the authentication result value may be readable and may not be writable.
- a read or write right setting may be implemented by a status register for storing a bit value.
- values except values in the table illustrated in FIG. 8 may not be readable and writable.
- FIG. 9 is a ladder diagram for conceptually describing a unilateral authentication protocol of an authentication apparatus 100 according to an embodiment of the disclosure.
- a unilateral authentication protocol of the authentication apparatus 100 may be performed as described below.
- the authentication apparatus 100 may receive an authentication request from an opponent 300 (S 11 ), may generate a challenge corresponding to the authentication request, and may transmit (S 12 ) the challenge to the opponent 300 .
- the opponent 300 may generate a response using the transmitted challenge.
- the authentication apparatus 100 may receive a public key and the response of the opponent 300 (S 13 ) and may verify the public key and the response using a secret key of the authentication apparatus 100 (S 14 ). Accordingly, the unilateral authentication protocol may be ended.
- the opponent 300 may be other components of the device B (refer to FIG. 1 ) including the authentication apparatus 100 or may be the device C (refer to FIG. 1 ) which is placed outside a device (i.e., the devices A or B) including the authentication apparatus 100 .
- FIG. 10 is a block diagram for describing a procedure of receiving an authentication request when an authentication apparatus 100 according to an embodiment of the disclosure performs a unilateral authentication protocol.
- an authentication request may be inputted as described below.
- the authentication apparatus 100 may receive an authentication request at the wait state S 120 (refer to FIG. 7 ) (S 11 ). At this time, the authentication request may be inputted from the device A.
- the device A may receive the authentication request from any other component or may receive the authentication request from an external device which is placed outside the device A.
- the device A may transmit the authentication request to the authentication apparatus 100 .
- the authentication request may be inputted to the authentication controller 110 .
- FIG. 11 is a block diagram for describing a procedure of generating a challenge corresponding to an authentication request when an authentication apparatus 100 according to an embodiment of the disclosure performs a unilateral authentication protocol.
- the authentication controller 110 may control the hash function 132 and the random number generator 133 in response to an authentication request (S 12 - 1 ).
- the random number generator 133 may generate a seed value corresponding to the challenge under control of the authentication controller 110 and may transmit the seed value to the shared memory 140 (S 12 - 2 ).
- the hash function 132 may generate a random value using the seed value under control of the authentication controller 110 and may transmit the random value to the shared memory 140 (S 12 - 3 ).
- the random value may be a challenge value.
- FIG. 11 the procedure of generating the challenge using the hash function 132 and the random number generator 133 is exemplified. However, the scope and spirit of the disclosure may not be limited thereto.
- the authentication controller 110 may control an input/output operation of the shared memory 140 (S 12 - 4 ).
- FIG. 12 is a block diagram for describing a procedure of receiving a public key certificate and a response of an opponent when an authentication apparatus 100 according to an embodiment of the disclosure performs a unilateral authentication protocol. Referring to FIGS. 7 to 12 , a procedure of receiving a public key certificate and a response of an opponent will be described below.
- the authentication apparatus 100 may receive the public key certificate (including a public key) and a response corresponding to a challenge, which are received from the opponent 300 .
- the public key certificate of the opponent 300 may be inputted to the certificate handler 120 and may be stored in the shared memory 140 (S 13 - 1 ).
- the certificate handler 120 may process the public key certificate of the opponent 300 stored in the shared memory 140 based on a predefined sequence (S 13 - 2 ).
- the response of the opponent 300 may be stored in the shared memory 140 via the authentication controller 110 (S 13 - 3 ).
- the authentication controller 110 may control an overall operation of the shared memory 140 (S 13 - 4 ).
- FIG. 13 is a block diagram for describing a procedure of verifying a public key certificate and a response of an opponent when an authentication apparatus 100 according to an embodiment of the disclosure performs a unilateral authentication protocol. Referring to FIGS. 7 to 13 , a procedure of verifying a public key certificate and a response of an opponent will be described below.
- the authentication controller 110 may control the cryptographic primitives 130 and the shared memory 140 so as to repeatedly operate, and thus the authentication controller 110 may verify the public key certificate and the response (S 14 - 1 ).
- the public key accelerator 131 may repeatedly access the shared memory 140 during a verification operation of the public key certificate and the response (S 14 - 2 ).
- the hash function 132 may repeatedly access the shared memory 140 during the verification operation of the public key certificate and the response (S 14 - 3 ).
- the authentication apparatus 100 may be applied to a mutual authentication protocol.
- FIG. 14 is a state machine diagram for describing a procedure of performing a mutual authentication protocol of an authentication apparatus according to an embodiment of the disclosure. Referring to FIGS. 1 to 6 and 14 , a mutual authentication protocol of the authentication apparatus 100 may be performed as described below.
- Each of S 210 , S 220 , and S 230 may be performed so as to be the same as or similar to each of S 110 , S 120 , and S 130 illustrated in FIG. 7 , and thus the description thereof may be omitted.
- the reset and initialization operations for entering the initial state S 210 are the same as, or similar to, those described with respect to FIG. 7 .
- the execution operation S 211 , receive authentication request operation S 221 , and generation fail operation S 232 are the same as, or similar to, those of operations S 111 , S 121 and S 132 in FIG. 7 , respectively.
- the authentication apparatus 100 may transition to a public key and challenge state S 240 and transmit (S 241 ) a public key certificate having a public key of the authentication apparatus 100 and the challenge to an opponent while in the public key and challenge transmission state S 240 .
- the authentication apparatus 100 When the public key certificate having the public key and the challenge of the authentication apparatus 100 are transmitted to the opponent (S 241 ), the authentication apparatus 100 enters the public key and response input state S 250 and the opponent may verify the public key certificate and the challenge of the authentication apparatus 100 and may generate a public key certificate of the opponent, a challenge of the opponent, and a response of the opponent corresponding to the challenge of the authentication apparatus 100 .
- the authentication apparatus 100 may receive a public key certificate and the response of the opponent (S 251 ) and thereafter enter the public key and response verification state S 260 .
- the authentication apparatus 100 may verify whether the public key certificate and the response of the opponent are valid while in the public key and response verification state S 260 .
- the state of the authentication apparatus 100 may be transitioned to a fail state S 295 through a receive fail operation (S 252 ).
- the authentication apparatus 100 transitions to the challenge generation and transmission state S 270 and may generate a response and may transmit the response to the opponent (S 271 ).
- the state of the authentication apparatus 100 may be transitioned to the fail state S 295 of the mutual authentication protocol through a verification fail operation S 262 .
- the authentication apparatus 100 When the authentication apparatus 100 generates the response and transmits the response (S 271 ), the authentication apparatus 100 transitions to a shared secret key generation state S 280 and may generate a shared secret key (S 281 ). When the shared secret key is generated (S 281 ), the authentication apparatus 100 may end the mutual authentication protocol by transitioning to the end state (S 290 ).
- the authentication apparatus 100 may differently set a read/write right about values which are generated when the mutual authentication protocol is performed at each operation step or values for performing the mutual authentication protocol.
- FIG. 15 is a table for describing management of internal information rights when an authentication apparatus according to an embodiment of the disclosure performs a mutual authentication protocol.
- an execution value may be readable and writable.
- an execution value may be readable and a request preparation value may be readable and writable.
- the execution value and the request preparation value may be readable, and a challenge value of the authentication apparatus 100 may be readable and writable.
- the execution value, the request preparation value, the challenge value of the authentication apparatus 100 , a public key certificate of the authentication apparatus 100 may be readable and may not be writable.
- the execution value and the request preparation value may be readable, and a public key certificate of an opponent, a certificate verification value, information data, and a response value corresponding to a challenge value of the authentication apparatus 100 may be readable and writable.
- the execution value, the request preparation value, the challenge value of the authentication apparatus 100 , the public key certificate of the opponent, the certificate verification value, the information data, and the response value of the opponent corresponding to the response of the authentication apparatus 100 may be readable, and an intermediate value, a hashed value, and an authentication result value for an authentication protocol may be readable and writable.
- the execution value, the request preparation value, the challenge value of the authentication apparatus 100 , a secret key value of the authentication apparatus 100 , a challenge from the opponent, a public key certificate of the opponent, and the information data may be readable, and the intermediate value, the hashed value, and an authentication result value may be readable and writable.
- the execution value, the request preparation value, the challenge value of the authentication apparatus 100 , and a challenge value of the opponent may be readable, and the intermediate value, the hashed value, and the authentication result value may be readable and writable.
- the authentication result value may be readable and may not be writable.
- FIG. 16 is a ladder diagram for conceptually describing a mutual authentication protocol of an authentication apparatus 100 according to an embodiment of the disclosure.
- a mutual authentication protocol of the authentication apparatus 100 may be performed as described below.
- the authentication apparatus 100 may receive an authentication request from an opponent 400 (S 21 ) and may generate a challenge Challenge_A corresponding to the authentication request (S 23 ).
- the authentication apparatus 100 may transmit a certificate Certificate_A having a public key and the challenge Challenge_A of the authentication apparatus 100 to the opponent 400 (S 24 ).
- the opponent 400 may verify the transmitted certificate Certificate_A of the authentication apparatus 100 and may generate a response corresponding to the challenge Challenge_A of the authentication apparatus 100 .
- the opponent 400 may generate a response Response_O corresponding to the challenge Challenge_A of the authentication apparatus 100 and a challenge Challenge_O of the opponent 400 .
- the authentication apparatus 100 may receive a public key certificate Certificate_O, which has a public key, of the opponent 400 , the response Response_O of the opponent 400 , and the challenge Challenge_O of the opponent 400 (S 25 ).
- the authentication apparatus 100 may verify the public key certificate Certificate_O of the opponent 400 and the response Response_O of the opponent 400 (S 26 ). Afterwards, when the verification of the opponent 400 is valid, the authentication apparatus 100 may generate a response Response_A of the authentication apparatus 100 (S 27 ).
- the authentication apparatus 100 may generate a secret key shared with the opponent 400 (S 28 ). Afterwards, the authentication apparatus 100 may transmit the response Response_O indicating whether a mutual authentication protocol succeeds and the shared secret key to the opponent 400 (S 29 ).
- the shared secret key may be a session key.
- FIG. 17 is a block diagram for describing a procedure of transmitting a public key and a challenge of the authentication apparatus 100 to an opponent 400 when an authentication apparatus 100 according to an embodiment of the disclosure performs a mutual authentication protocol.
- the authentication apparatus 100 may generate a challenge Challenge_A in response to the authentication request of the opponent 400 .
- a challenge generating method may be executed as described in FIG. 11 .
- the generated challenge Challenge_A may be stored in the shared memory 140 .
- the authentication apparatus 100 may transmit the certificate Certificate_A stored in the authentication controller 110 to the opponent 400 (S 24 - 1 ).
- the authentication apparatus 100 may transmit the challenge Challenge_A, which is stored in the shared memory 140 , of the authentication apparatus 100 to the opponent 400 via the authentication controller 110 (S 24 - 2 ).
- FIG. 18 is a block diagram for describing a procedure of receiving a public key certificate, a response, and a challenge of an opponent when an authentication apparatus 100 according to an embodiment of the disclosure performs a mutual authentication protocol. Referring to FIGS. 14 to 18 , a procedure of receiving a public key certificate Certificate_O, a response Response_O, and a challenge Challenge_O of an opponent will be described below.
- the authentication apparatus 100 may receive the public key certificate Certificate_O, the response Response_O, and the challenge Challenge_O of the opponent 400 .
- the public key certificate Certificate_O of the opponent 400 may be stored in the shared memory 140 via the certificate handler 120 (S 25 - 1 ).
- the certificate handler 120 may process the public key certificate Certificate_O of the opponent 400 stored in the shared memory 140 based on a predefined sequence (S 25 - 2 ).
- a response Response_O and a challenge Challenge_O of the opponent 400 may be stored in the shared memory 140 via the authentication controller 110 (S 25 - 3 ).
- the authentication controller 110 may control an overall operation of the shared memory 140 (S 25 - 4 ).
- FIG. 19 is a block diagram for describing a procedure of generating a response of the authentication apparatus 100 in response to a challenge of an opponent when an authentication apparatus 100 according to an embodiment of the disclosure performs a mutual authentication protocol. Referring to FIGS. 14 to 19 , a procedure of generating the response Response_A of the authentication apparatus 100 in response to the challenge Challenge_O of the opponent 400 will be described below.
- the authentication controller 110 may control the cryptographic primitives 130 and the shared memory 140 (S 27 _ 1 ).
- the public key accelerator 131 may repeatedly access the shared memory 140 (S 27 - 2 ).
- the hash function 132 may repeatedly access the shared memory 140 (S 27 - 3 ).
- the generated response Response_A may be transmitted to the opponent 400 via the authentication controller 110 (S 27 - 4 ).
- FIG. 20 is a block diagram for describing a procedure of generating a shared secret key when an authentication apparatus 100 according to an embodiment of the disclosure performs a mutual authentication protocol. Referring to FIGS. 14 to 20 , a procedure of generating a shared secret key will be described below.
- the authentication controller 110 may generate the shared secret key by repeatedly accessing the public key accelerator 131 and the shared memory 140 (S 28 - 1 ). To generate the shared secret key, the public key accelerator 131 may repeatedly access the shared memory 140 (S 28 - 2 ).
- FIG. 21 is a block diagram illustrating a mobile device according to an embodiment of the disclosure.
- a mobile device 1000 may include a secure element 1020 , a processor (AP/ModAP) 1100 , a buffer memory 1200 , a display/touch module 1300 , and a storage device 1400 .
- AP/ModAP processor
- the secure element 1020 may be implemented to provide an overall secure function of the mobile device 1000 .
- the secure element 1020 may be implemented with software and/or tamper resistant hardware, may permit a high-level of security, and may work to collaborate on a trusted execution environment (TEE) of the processor 1100 .
- the secure element 1020 may include a Native operating system (OS), a security storage device which is an internal data storage unit, an access control block which controls a right of access to the secure element 1020 , a security function block for performing ownership management, key management, digital signature, encryption/decryption, and the like, and a firmware update block for updating firmware of the secure element 1020 .
- OS Native operating system
- security storage device which is an internal data storage unit
- an access control block which controls a right of access to the secure element 1020
- a security function block for performing ownership management, key management, digital signature, encryption/decryption, and the like
- firmware update block for updating firmware of the secure element 1020 .
- the secure element 1020 may be a universal IC card (UICC) (e.g., USIM, CSIM, and ISIM), a subscriber identity module (SIM) card, an embedded secure elements (eSE), a MicroSD, Stikers, and the like.
- UICC universal IC card
- SIM subscriber identity module
- eSE embedded secure elements
- the secure element 1020 may include the authentication apparatus 100 described with reference to FIGS. 1 to 20 .
- An embodiment of the disclosure is exemplified as the authentication apparatus 100 illustrated in FIG. 21 exists outside the processor 1100 .
- the scope and spirit of the disclosure may not be limited thereto.
- the authentication apparatus 100 according to an embodiment of the disclosure may exist in the processor 1100 .
- the processor 1100 may be implemented to control an overall operation of the mobile device 1000 and a wired/wireless communication with an external device.
- the processor 1100 may be an application processor (AP), an integrated modem application processor (hereinafter referred to as “ModAP”), or the like.
- AP application processor
- ModeAP integrated modem application processor
- the buffer memory 1200 may be implemented to temporarily store data, which is needed when the mobile device 1000 performs a process operation.
- the display/touch module 1300 may be implemented so as to display data processed from the processor 1100 or to receive data from a touch panel.
- the storage device 1400 may be implemented so as to store data of a user.
- the storage device 1400 may be an embedded multimedia card (eMMC), a solid state drive (SSD), a universal flash storage (UFS), or the like.
- the storage device 1400 may include at least one nonvolatile memory device.
- the nonvolatile memory may be a NAND flash memory, a vertical NAND flash memory (VNAND), a NOR flash memory, a resistive random access memory (RRAM), a phase change memory (PRAM), a magneto-resistive random access memory (MRAM), a ferroelectric random access memory (FRAM), a spin transfer torque random access memory (STT-RAM), or the like.
- the nonvolatile memory may be implemented to have a three-dimensional array structure.
- a three dimensional (3D) memory array is provided.
- the 3D memory array is monolithically formed in one or more physical levels of arrays of memory cells having an active area disposed above a silicon substrate and circuitry associated with the operation of those memory cells, whether such associated circuitry is above or within such substrate.
- the term “monolithic” means that layers of each level of the array are directly deposited on the layers of each underlying level of the array.
- the 3D memory array includes vertical NAND strings that are vertically oriented such that at least one memory cell is located over another memory cell.
- the at least one memory cell may comprise a charge trap layer.
- Each vertical NAND string may include at least one select transistor located over memory cells. The at least one select transistor having the same structure with the memory cells and being formed monolithically together with the memory cells.
- the nonvolatile memory according to an exemplary embodiment of the disclosure may be applicable to a charge trap flash (CTF) in which an insulating layer is used as a charge storage layer, as well as a flash memory device in which a conductive floating gate is used as a charge storage layer.
- CTF charge trap flash
- a configuration of an authentication apparatus based on a public key cryptosystem may provide a method in which sub-components share and use a resource, a method of limiting a storage device in a component and utilizing a shared resource, a structure including the sub-component which performs an authentication protocol based on a public key cryptosystem in view of a sequence, and a structure in which the sub-component processes a public key certificate.
- a hardware structure of the authentication apparatus based on a public key cryptosystem may provide a hardware device for performing an authentication protocol based on a public key cryptosystem and a device for managing a public key certificate.
- FIG. 22 is a schematic diagram illustrating an IoT network system according to an embodiment of the disclosure.
- a mobile device 22 - 1 a wearable device 22 - 2 , smart glasses 22 - 3 , a sensor 22 - 4 , or the like may include the authentication apparatus 100 according to an embodiment of the disclosure.
- a product to which the disclosure is applied may include a device, which supports an authentication based on a public key cryptosystem, such as a light bulb, a thermometer, a motion sensor which support an IoT environment, a smartphone, a print toner, a smartphone flip-cover, an application processor, a display driver integrated circuit (DDI).
- a device which supports an authentication based on a public key cryptosystem, such as a light bulb, a thermometer, a motion sensor which support an IoT environment, a smartphone, a print toner, a smartphone flip-cover, an application processor, a display driver integrated circuit (DDI).
- a display driver integrated circuit DRAM
- the disclosure may be applied to other devices which support an authentication based on a public key cryptosystem as well as the above-described devices.
- An authentication apparatus may make it possible to reduce a size of a conventional memory which each of the components independently uses by sharing a memory and possible to eliminate a central processing unit (CPU) or a nonvolatile memory (NVM) by including a dedicated module which performs an authentication protocol. Accordingly, the authentication apparatus 100 may be lightened.
- CPU central processing unit
- NVM nonvolatile memory
- circuits may, for example, be embodied in one or more semiconductor chips, or on substrate supports such as printed circuit boards and the like.
- circuits constituting a block may be implemented by dedicated hardware, or by a processor (e.g., one or more programmed microprocessors and associated circuitry), or by a combination of dedicated hardware to perform some functions of the block and a processor to perform other functions of the block.
- a processor e.g., one or more programmed microprocessors and associated circuitry
- Each block of the embodiments may be physically separated into two or more interacting and discrete blocks without departing from the scope of the disclosure.
- the blocks of the embodiments may be physically combined into more complex blocks without departing from the scope of the disclosure.
Abstract
Description
Claims (20)
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2015-0139168 | 2015-10-02 | ||
KR20150139168 | 2015-10-02 | ||
KR1020150168664A KR102458351B1 (en) | 2015-10-02 | 2015-11-30 | Authentication apparatus based on public key cryptosystem, mobile device having the same and authentication method thereof |
KR10-2015-0168664 | 2015-11-30 |
Publications (2)
Publication Number | Publication Date |
---|---|
US20170099151A1 US20170099151A1 (en) | 2017-04-06 |
US11070380B2 true US11070380B2 (en) | 2021-07-20 |
Family
ID=58448098
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US15/212,343 Active 2038-04-06 US11070380B2 (en) | 2015-10-02 | 2016-07-18 | Authentication apparatus based on public key cryptosystem, mobile device having the same and authentication method |
Country Status (1)
Country | Link |
---|---|
US (1) | US11070380B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11381537B1 (en) * | 2021-06-11 | 2022-07-05 | Oracle International Corporation | Message transfer agent architecture for email delivery systems |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105187450B (en) * | 2015-10-08 | 2019-05-10 | 飞天诚信科技股份有限公司 | A kind of method and apparatus authenticated based on authenticating device |
EP3379789A1 (en) | 2017-03-20 | 2018-09-26 | Koninklijke Philips N.V. | Mutual authentication system |
US10178187B2 (en) | 2017-04-01 | 2019-01-08 | Paul Stuart Swengler | System and methods for internet of things (IoT) device authentication and security |
US10887090B2 (en) * | 2017-09-22 | 2021-01-05 | Nec Corporation | Scalable byzantine fault-tolerant protocol with partial tee support |
CN107749854B (en) * | 2017-10-30 | 2019-12-27 | 武汉烽火信息集成技术有限公司 | Single sign-on method and system based on client |
US10678950B2 (en) * | 2018-01-26 | 2020-06-09 | Rockwell Automation Technologies, Inc. | Authenticated backplane access |
US11190507B2 (en) * | 2018-09-27 | 2021-11-30 | Apple Inc. | Trusted device establishment |
EP4222623A1 (en) * | 2020-10-01 | 2023-08-09 | Oboren Systems, Inc. | Exclusive self-escrow method and apparatus |
CN113347004A (en) * | 2021-06-04 | 2021-09-03 | 南京华盾电力信息安全测评有限公司 | Encryption method for power industry |
Citations (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030126458A1 (en) * | 2000-12-28 | 2003-07-03 | Kabushiki Kaisha Toshiba | Method for sharing encrypted data region among processes in tamper resistant processor |
US20050154889A1 (en) | 2004-01-08 | 2005-07-14 | International Business Machines Corporation | Method and system for a flexible lightweight public-key-based mechanism for the GSS protocol |
US20060150241A1 (en) | 2004-12-30 | 2006-07-06 | Samsung Electronics Co., Ltd. | Method and system for public key authentication of a device in home network |
US20070060216A1 (en) * | 2005-09-12 | 2007-03-15 | Cheng-Wen Huang | Portable communication apparatus |
US7269726B1 (en) | 2000-01-14 | 2007-09-11 | Hewlett-Packard Development Company, L.P. | Lightweight public key infrastructure employing unsigned certificates |
US20090136035A1 (en) | 2007-11-27 | 2009-05-28 | Samsung Electronics Co., Ltd. | Public key infrastructure-based bluetooth smart-key system and operating method thereof |
US7679133B2 (en) | 2007-11-08 | 2010-03-16 | Samsung Electronics Co., Ltd. | Vertical-type non-volatile memory devices |
US20100153719A1 (en) | 2008-12-17 | 2010-06-17 | Information And Communications University | Lightweight Authentication Method and System for Low-Cost Devices Without Pseudorandom Number Generator |
US20110093714A1 (en) | 2009-10-20 | 2011-04-21 | Infineon Technologies Ag | Systems and methods for asymmetric cryptographic accessory authentication |
US8000469B2 (en) | 2000-04-13 | 2011-08-16 | Broadcom Corporation | Authentication engine architecture and method |
US20110233648A1 (en) | 2010-03-26 | 2011-09-29 | Samsung Electronics Co., Ltd. | Three-Dimensional Semiconductor Memory Devices And Methods Of Fabricating The Same |
US8087073B2 (en) | 2001-03-27 | 2011-12-27 | Microsoft Corporation | Authentication architecture |
US8112626B1 (en) | 2006-01-20 | 2012-02-07 | Symantec Corporation | Method and apparatus to provide public key authentication with low complexity devices |
US8254581B2 (en) | 2007-05-22 | 2012-08-28 | Intel Corporation | Lightweight key distribution and management method for sensor networks |
US8291229B2 (en) | 2008-01-17 | 2012-10-16 | Hitachi, Ltd. | System and method for digital signatures and authentication |
US8522035B2 (en) | 2011-09-20 | 2013-08-27 | Blackberry Limited | Assisted certificate enrollment |
US8553466B2 (en) | 2010-03-04 | 2013-10-08 | Samsung Electronics Co., Ltd. | Non-volatile memory device, erasing method thereof, and memory system including the same |
US8559235B2 (en) | 2010-08-26 | 2013-10-15 | Samsung Electronics Co., Ltd. | Nonvolatile memory device, operating method thereof and memory system including the same |
US8630411B2 (en) | 2011-02-17 | 2014-01-14 | Infineon Technologies Ag | Systems and methods for device and data authentication |
US8654587B2 (en) | 2010-08-11 | 2014-02-18 | Samsung Electronics Co., Ltd. | Nonvolatile memory devices, channel boosting methods thereof, programming methods thereof, and memory systems including the same |
US8694783B2 (en) | 2007-01-22 | 2014-04-08 | Samsung Electronics Co., Ltd. | Lightweight secure authentication channel |
US20150163059A1 (en) | 2007-06-11 | 2015-06-11 | Nxp B.V. | Method of generating a public key for an electronic device and electronic device |
US20150222629A1 (en) | 2012-12-23 | 2015-08-06 | Mcafee, Inc. | Hardware-based device authentication |
US9111283B1 (en) | 2010-06-14 | 2015-08-18 | Impinj, Inc. | RFID tag authentication with public-key cryptography |
US9223958B2 (en) | 2005-01-07 | 2015-12-29 | Apple Inc. | Accessory authentication for electronic devices |
-
2016
- 2016-07-18 US US15/212,343 patent/US11070380B2/en active Active
Patent Citations (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7269726B1 (en) | 2000-01-14 | 2007-09-11 | Hewlett-Packard Development Company, L.P. | Lightweight public key infrastructure employing unsigned certificates |
US8000469B2 (en) | 2000-04-13 | 2011-08-16 | Broadcom Corporation | Authentication engine architecture and method |
US20030126458A1 (en) * | 2000-12-28 | 2003-07-03 | Kabushiki Kaisha Toshiba | Method for sharing encrypted data region among processes in tamper resistant processor |
US8087073B2 (en) | 2001-03-27 | 2011-12-27 | Microsoft Corporation | Authentication architecture |
US20050154889A1 (en) | 2004-01-08 | 2005-07-14 | International Business Machines Corporation | Method and system for a flexible lightweight public-key-based mechanism for the GSS protocol |
US20060150241A1 (en) | 2004-12-30 | 2006-07-06 | Samsung Electronics Co., Ltd. | Method and system for public key authentication of a device in home network |
US9223958B2 (en) | 2005-01-07 | 2015-12-29 | Apple Inc. | Accessory authentication for electronic devices |
US20070060216A1 (en) * | 2005-09-12 | 2007-03-15 | Cheng-Wen Huang | Portable communication apparatus |
US8112626B1 (en) | 2006-01-20 | 2012-02-07 | Symantec Corporation | Method and apparatus to provide public key authentication with low complexity devices |
US8694783B2 (en) | 2007-01-22 | 2014-04-08 | Samsung Electronics Co., Ltd. | Lightweight secure authentication channel |
US8254581B2 (en) | 2007-05-22 | 2012-08-28 | Intel Corporation | Lightweight key distribution and management method for sensor networks |
US20150163059A1 (en) | 2007-06-11 | 2015-06-11 | Nxp B.V. | Method of generating a public key for an electronic device and electronic device |
US7679133B2 (en) | 2007-11-08 | 2010-03-16 | Samsung Electronics Co., Ltd. | Vertical-type non-volatile memory devices |
US20090136035A1 (en) | 2007-11-27 | 2009-05-28 | Samsung Electronics Co., Ltd. | Public key infrastructure-based bluetooth smart-key system and operating method thereof |
US8291229B2 (en) | 2008-01-17 | 2012-10-16 | Hitachi, Ltd. | System and method for digital signatures and authentication |
US20100153719A1 (en) | 2008-12-17 | 2010-06-17 | Information And Communications University | Lightweight Authentication Method and System for Low-Cost Devices Without Pseudorandom Number Generator |
US20110093714A1 (en) | 2009-10-20 | 2011-04-21 | Infineon Technologies Ag | Systems and methods for asymmetric cryptographic accessory authentication |
US8553466B2 (en) | 2010-03-04 | 2013-10-08 | Samsung Electronics Co., Ltd. | Non-volatile memory device, erasing method thereof, and memory system including the same |
US20110233648A1 (en) | 2010-03-26 | 2011-09-29 | Samsung Electronics Co., Ltd. | Three-Dimensional Semiconductor Memory Devices And Methods Of Fabricating The Same |
US9111283B1 (en) | 2010-06-14 | 2015-08-18 | Impinj, Inc. | RFID tag authentication with public-key cryptography |
US8654587B2 (en) | 2010-08-11 | 2014-02-18 | Samsung Electronics Co., Ltd. | Nonvolatile memory devices, channel boosting methods thereof, programming methods thereof, and memory systems including the same |
US8559235B2 (en) | 2010-08-26 | 2013-10-15 | Samsung Electronics Co., Ltd. | Nonvolatile memory device, operating method thereof and memory system including the same |
US8630411B2 (en) | 2011-02-17 | 2014-01-14 | Infineon Technologies Ag | Systems and methods for device and data authentication |
US8522035B2 (en) | 2011-09-20 | 2013-08-27 | Blackberry Limited | Assisted certificate enrollment |
US20150222629A1 (en) | 2012-12-23 | 2015-08-06 | Mcafee, Inc. | Hardware-based device authentication |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11381537B1 (en) * | 2021-06-11 | 2022-07-05 | Oracle International Corporation | Message transfer agent architecture for email delivery systems |
US11784959B2 (en) * | 2021-06-11 | 2023-10-10 | Oracle International Corporation | Message transfer agent architecture for email delivery systems |
Also Published As
Publication number | Publication date |
---|---|
US20170099151A1 (en) | 2017-04-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11070380B2 (en) | Authentication apparatus based on public key cryptosystem, mobile device having the same and authentication method | |
US11809335B2 (en) | Apparatuses and methods for securing an access protection scheme | |
US10839391B2 (en) | Method and apparatus for secure offline payment | |
TWI740409B (en) | Verification of identity using a secret key | |
US11843705B2 (en) | Dynamic certificate management as part of a distributed authentication system | |
US8060925B2 (en) | Processor, memory, computer system, and method of authentication | |
JP2022527757A (en) | Generating the ID of a computing device using a physical duplication difficulty function | |
US10318765B2 (en) | Protecting critical data structures in an embedded hypervisor system | |
US20160026799A1 (en) | Security device having indirect access to external non-volatile memory | |
US20180081827A1 (en) | Securely Binding Between Memory Chip and Host | |
US11615207B2 (en) | Security processor configured to authenticate user and authorize user for user data and computing system including the same | |
JP2022527163A (en) | Verification of the validity of data stored in memory using cryptographic hashes | |
US11423182B2 (en) | Storage device providing function of securely discarding data and operating method thereof | |
US20230259629A1 (en) | Secure programming of one-time-programmable (otp) memory | |
KR20210134053A (en) | How to Validate Over-the-Air Updates | |
KR20210132211A (en) | Blockchain-based verification of memory commands | |
KR20210132721A (en) | Secure communication when accessing the network | |
KR102458351B1 (en) | Authentication apparatus based on public key cryptosystem, mobile device having the same and authentication method thereof | |
US20220050605A1 (en) | Remote enforcement of device memory | |
US11669610B2 (en) | Authentication device, method and system | |
US20220385485A1 (en) | Identity theft protection with no password access | |
US20230015334A1 (en) | Deriving dependent symmetric encryption keys based upon a type of secure boot using a security processor | |
TW201721506A (en) | Hardware protection based on fabrication characteristics |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SAMSUNG ELECTRONICS CO., LTD., KOREA, REPUBLIC OF Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KIM, KITAK;KANG, JI-SU;BAE, KISEOK;AND OTHERS;SIGNING DATES FROM 20160503 TO 20160511;REEL/FRAME:039182/0490 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE AFTER FINAL ACTION FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: ADVISORY ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: ADVISORY ACTION MAILED |
|
STCV | Information on status: appeal procedure |
Free format text: APPEAL BRIEF (OR SUPPLEMENTAL BRIEF) ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: AWAITING TC RESP., ISSUE FEE NOT PAID |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT RECEIVED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |